<?php
class User
{
  private $id;//login name
  private $grp_id;
  private $password;//sha1 string
  private $name;//real name
  private $email;
  private $about;
  private $status;//active or suspended
  private $lang;//2 letters code (en,fr,es...)
  private $skin;//theme folder name
  private $lastfm_usr;
  private $lastfm_pass;//md5 string
  
  public function __construct($id='',$values='')
  {
    if(empty($id) and empty($values))//création, formulaire vide
    {
    }

    if(!empty($id) and empty($values))//récupération dans la base, affichage
    {
      $this->id = $id;
      $this->read();
    }

    if(!empty($id) and !empty($values))//modification
    {
      $this->update();
    }

    if(empty($id) and !empty($values))//insertion
    {
      $this->create();
    }
  }

  private function create()
  {
    $sql = '';
    $dbh = new PDO(DB_DSN,DB_USER,DB_PASS);
    $req = $dbh->exec($sql);
    return $req->rowCount();
  }

  private function read()
  {
    $sql = "SELECT * FROM usr WHERE id='".sqlite_escape_string($this->id)."'";
    $dbh = new dbSql();
    $res = $dbh->query($sql);
    if(empty($res))
    {
      throw new Exception('unknown user');
    }
    $this->id         = $res[0]['id'];
    $this->grp_id     = $res[0]['grp_id'];
    $this->password   = $res[0]['password'];
    $this->name       = $res[0]['name'];
    $this->email      = $res[0]['email'];
    $this->about      = $res[0]['about'];
    $this->status     = $res[0]['status'];
    $this->lang       = $res[0]['lang'];
    $this->skin       = $res[0]['skin'];
    $this->lastfm_usr = $res[0]['lastfm_usr'];
    $this->lastfm_pass= $res[0]['lastfm_pass'];
  }
/*
  public function update()
  {
    $sql = 'UPATE';
    $dbh = new PDO(DB_DSN,DB_USER,DB_PASS);
    $req = $dbh->exec($sql);
    return $req->rowCount();
  }
*/
  public static function delete($id)
  {
    $sql = "DELETE FROM usr WHERE id='".$id."'";
    $dbh = new dbSql();
    $res = $dbh->exec($sql);
    return $res;
  }
  
  public function changePassword($pwd)
  {
    $this->password = sha1($pwd);
    $sql = "UPDATE usr SET password='".sqlite_escape_string($this->password)."' WHERE id='".$this->id."'";
    $dbh = new dbSql();
    $res = $dbh->exec($sql);
    if($res === 1)
    {
      return true;
    }
    else
    {
      return false;
    }
  }
  
  public function form()
  {
    $status_select = Html::mkSelect(array(
      'values'=>array(
        'active'=>STR_UI_ACTIVE,
        'suspended'=>STR_UI_SUSPENDED
      ),
      'selected'=>$this->status,
      'script'=>'onmouseover="help(str.hlp_change_status);" onchange="changeUserStatus(\''.$this->id.'\',this.value);"'
    ));
    
    $groups = Group::getGroups();
    foreach($groups as $group)
    {
      $grplst[$group['id']]=$group['id'];
    }
    
    $groups_select = Html::mkSelect(array(
      'values'=>$grplst,
      'selected'=>$this->grp_id,
      'script'=>'onmouseover="help(str.hlp_change_group);" onchange="changeUserGroup(\''.$this->id.'\',this.value);"'
    ));
    
    $html = '<form action="#" method="post" onsubmit="return false;">
                <fieldset>
                  '.$status_select.'&nbsp;<label>'.STR_UI_STATUS.'</label>&nbsp;
                  '.$groups_select.'&nbsp;<label>'.STR_UI_GROUP.'</label>&nbsp;
                  <input type="image" src="app/skin/transparent.gif" class="btnPassword" onmouseover="help(str.hlp_user_change_password);" onclick="userChangePassword(\''.addslashes($this->id).'\');"/>
                </fieldset>
              </form>';
    return $html;
  }
  
  public function changeGroup($group)
  {
    $group = trim($group);
    if(!empty($group))
    {
      $this->grp_id = $group;
      $sql = "UPDATE usr SET grp_id='".sqlite_escape_string($this->grp_id)."' WHERE id='".$this->id."'";
      $dbh = new dbSql();
      $res = $dbh->exec($sql);
      if($res === 1)
      {
        return true;
      }
      else
      {
        return false;
      }
    }
    return false;
  }
  
  public function switchStatus()
  {
    if($this->status == 'active')
    {
      $this->status = 'suspended';
    }
    else
    {
      $this->status = 'active';
    }
    $sql = "UPDATE usr SET status='".sqlite_escape_string($this->status)."' WHERE id='".$this->id."'";
    $dbh = new dbSql();
    $res = $dbh->exec($sql);
    if($res === 1)
    {
      return true;
    }
    else
    {
      return false;
    }
  }
  
  public static function createNew($id,$pass)
  {
    $id = trim($id);
    $pass = trim($pass);
    
    $dbh = new dbSql();
    $sql = "INSERT INTO usr VALUES( '".sqlite_escape_string($id)."',
                                    'guest',
                                    '".sqlite_escape_string(sha1($pass))."',
                                    '',
                                    '',
                                    '',
                                    'suspended',
                                    'en',
                                    'default',
                                    '',
                                    '')";
    try
    {
      $res = $dbh->exec($sql);
    }
    catch(Exception $e)
    {
      return($e->getMessage());
    }
    return $res;
  }
  
  public static function listUsers($selected='')
  {
    $sql = "SELECT id FROM usr WHERE id!='admin' ORDER BY id";
    $dbh = new dbSql();
    $res = $dbh->query($sql);
    $list['empty'] = STR_HLP_USERS_LIST;
    foreach($res as $item)
    {
      $list[$item['id']] = $item['id'];
    }
    $html = '<input type="image" src="app/skin/transparent.gif" class="btnUserAdd" onmouseover="help(str.hlp_add_user);" onclick="addUser();"/>&nbsp;'
    .Html::mkSelect(array('selected'=>$selected,'id'=>'usersSelect','script'=>'onchange="userForm(this.value);"','values'=>$list))
    .'&nbsp;<input type="image" src="app/skin/transparent.gif" class="btnUserDelete" onmouseover="help(str.hlp_delete_user);" onclick="deleteUser();"/>';
    return $html;
  }
}
?>
